REST Resource: alerts

Resource: Alert

An alert affecting a customer.

JSON representation
{
  "customerId": string,
  "alertId": string,
  "createTime": string,
  "startTime": string,
  "endTime": string,
  "type": string,
  "source": string,
  "data": {
    "@type": string,
    field1: ...,
    ...
  },
  "securityInvestigationToolLink": string,
  "deleted": boolean
}
Fields
customerId

string

Output only. The unique identifier of the Google account of the customer.

alertId

string

Output only. The unique identifier for the alert.

createTime

string (Timestamp format)

Output only. The time this alert was created.

startTime

string (Timestamp format)

Required. The time the event that caused this alert was started or detected.

endTime

string (Timestamp format)

Optional. The time the event that caused this alert ceased being active. If provided, the end time must not be earlier than the start time. If not provided, the end time defaults to the start time.

type

string

Required. The type of the alert. This is output only after alert is created. For a list of available alert types see G Suite Alert types.

source

string

Required. A unique identifier for the system that reported the alert. This is output only after alert is created.

Supported sources are any of the following:

  • Google Operations
  • Mobile device management
  • Gmail phishing
  • Domain wide takeout
  • Government attack warning
  • Google identity

data

object

Optional. The data associated with this alert, for example google.apps.alertcenter.type.DeviceCompromised.

deleted

boolean

Output only. True if this alert is marked for deletion.

Methods

delete

Marks the specified alert for deletion.

get

Gets the specified alert.

list

Lists the alerts.

undelete

Restores, or "undeletes", an alert that was marked for deletion within the past 30 days.